16a6baf82a2fb1c366cc6f94c382d55172e72855a5e435c898c6429aab2edd3c

Sharing

Copy URL

Twitter E-mail

General

Target

e8be4055efbe8cc540ddc756575bb820_JaffaCakes118
Size

20.9MB
Sample

240408-31hcssfg25
MD5

e8be4055efbe8cc540ddc756575bb820
SHA1

db2eb536212e1932f291e2b59595f51977f34e75
SHA256

16a6baf82a2fb1c366cc6f94c382d55172e72855a5e435c898c6429aab2edd3c
SHA512

122836c78a5e70218730d42d1e02ca5c15db22d6029ed7eb61fc300f6b33d3a28ade1e5151b77d9be87399b2988e6618791afd4c97ca56ad8bc6cd1f1949b7db
SSDEEP

393216:O1iJ+WJ/0B2HCWGU5c4heCmAOrGeHtM5QilCtf2EPsYIoYYyVZMNm:OQ/0BCCWF64UCPOrGeNMbCl2EPsJDVZh

Score

7^/10

upx

Malware Config

Targets

- Target
  
  155绿色软件站.url
- Size
  
  219B
- MD5
  
  3a1f2a8a3ef08ae269517a69ea918b2c
- SHA1
  
  7d2e6719702bc8472e045e010efa6ed3f7df4b5b
- SHA256
  
  66eafefa8bb0155e60828476bde6068573fe64a4fd0aa052eba074dbe85d46cd
- SHA512
  
  22203a78192cadc02d0f887247675925273a69e3be82ec1a331197f892216a282cc8f37c3ffbfb578a708244181037277b8cc6a40d8ec70cdf0feac5d80f8576
Score

1^/10
behavioral1 behavioral2
- Target
  
  三好1010版.exe
- Size
  
  20.9MB
- MD5
  
  00204c45029dd4bb5550dde205a92753
- SHA1
  
  b1a967c2470a98afc8fe85e47fb828e0857f6275
- SHA256
  
  82f30b0ddc19fca5cb1857f2aaf39fc0b8136bef8d2dba78200708f24668af2b
- SHA512
  
  7faf5e70cd4d7023c9e9b9d3c4bff202cbbb2c273ddb39be4dca88be65b00e112748bb83e84e473c93571731e989f5b98bbd78253750ab891ec73fd4e5a1cc32
- SSDEEP
  
  393216:ldd+fmTd/g/vFIh0MdXTjuRGUGT0k4qemk5p6hqS9VS0PPmXW4mUM7:lddC6d/UaKMxTKRWADPKbPmmLl
Score

3^/10
behavioral3 behavioral4
- Target
  
  $COMMONFILES/PPLiveNetwork/MngModule.dll
- Size
  
  814KB
- MD5
  
  52d48f039b1271fe91c4a7275603c7bf
- SHA1
  
  e488ef8a8e5cb0fa37a4f706b66e63aa30fe725d
- SHA256
  
  4514c9cd5c1b8fbafaddaf74aae25c253bffb1a1de77f1191b5873e0cbb1bb3e
- SHA512
  
  0daa62cb92a887f1e5266fe25d18f291f87979c715a9f4b86de705ecfcefd1c08bc1e15b1e9df43d2d5dfec2bfebfd1964d0fde7f2121280b8a5f98693c3b127
- SSDEEP
  
  12288:vMMUbyO6atIvZrW4e0W2r8cEfycBnkmfF4qjsyOgn9tu6AwhFt:VvZyV2fstrsyOI9tu6AwhFt
Score

1^/10
behavioral5 behavioral6
- Target
  
  $COMMONFILES/PPLiveNetwork/PPAP.exe
- Size
  
  181KB
- MD5
  
  71d558d35fccffa53e6d6414bbf91de3
- SHA1
  
  4f484219296fdb004168f8b875dc878f3ff6d392
- SHA256
  
  631ff4824532ef5fe018eeb95303f9207c55a1c744823a79ee5904c5683ba2c2
- SHA512
  
  2cfa44c0d354d4ba311a7a9fb7fd4c866c0a8f44632f9a0ead22e286f603c89dcb5b6c389f542c18848a256378229014b7cfdcc9206c78f2cb6dda17b9de211a
- SSDEEP
  
  3072:5OByJF8UBy2zneJDQpiEIII1IIaVkbAGAdzB3Yt/nGxn8:jn8Uo2znaQgEIII1IIaVBGM3Zx8
Score

1^/10
behavioral7 behavioral8
- Target
  
  $COMMONFILES/PPLiveNetwork/kernel/FWUpnp.dll
- Size
  
  140KB
- MD5
  
  be2d4b56d5d40afca9c804d0776a25c6
- SHA1
  
  7ea48cf0e980fe999f14338f44ad4c57c9b714de
- SHA256
  
  e54031818e6449897e3a81f0637b0af7618f6aa9e1530c3bf4989d2fabe4a2d4
- SHA512
  
  f32b8e1d27acb7c9021dcc6cd426599374f61a78fd38a0f9d0bf5bf63c424ca816e3859387d98b3060592ea86d1743c5ff149099bcab4da9e31ff7abc81fd627
- SSDEEP
  
  3072:HE0D5eN3rsEkHJGYM+y/DV7u4hNesdd56PeAWK5:HRQ3rshhMn/DVj3dc2LK5
Score

3^/10
behavioral10 behavioral9
- Target
  
  $COMMONFILES/PPLiveNetwork/kernel/Hookkernel.dll
- Size
  
  249KB
- MD5
  
  9e5ec82ae6eaf73c21b344af16fc6e37
- SHA1
  
  bfc552d9ec37858b7b197b089e05bae9733cc42f
- SHA256
  
  9b89df0d08de3583210271f583d1ea4eb73c40d0a611dcb7512452987285bcc7
- SHA512
  
  21ff67c6907a4d0dd4049285770d84942b19196649d384408c2404dc922141ee6a80d1f31e673f59de12d3f587c1c3e4d1c8db56eea73989f30bcb53fb3a06e0
- SSDEEP
  
  3072:6u6T0e0OOzOpNahx4X7seraCgb9GWAMRnUc6ZkdTkel1+EluZBQywr73sB68yhtW:QuUNahx4rxr3nqRnU5HevaZBQuyvceI
Score

1^/10
behavioral11 behavioral12
- Target
  
  $COMMONFILES/PPLiveNetwork/kernel/PPHookShell.dll
- Size
  
  241KB
- MD5
  
  f9b346bcfec4605755d4435e8eac34a1
- SHA1
  
  f694ece30381ca9dc37e18030454a56a737ce4a4
- SHA256
  
  e0596457bec914a3281ad614a23c1c3c11bd9c95ddabf090d68d3bca4854c92a
- SHA512
  
  60a17bd0b971690818b26e45ee8ca335e3b1820ac73d229f54b55b2e23acb051a45c00275a5ea1b35ac1caf2d1626fed34f0296fc8d7a41b0139b0aa0e226e7b
- SSDEEP
  
  3072:LZFvombK4A6NvgJvcYwUuSaEwTG4SJK7hqmYLzhJR7CIgNldwr73GPAG3StoIZTx:rKI5UcdUuSaEwa4S0qmATpHgNTljIBF
Score

1^/10
behavioral13 behavioral14
- Target
  
  $COMMONFILES/PPLiveNetwork/kernel/VAProxyD.dll
- Size
  
  97KB
- MD5
  
  c3a7c71bce4ec04d63b7ef8ec9958c39
- SHA1
  
  cbe84ecbae1eb37557426783b7fa89a804d4fc09
- SHA256
  
  02a78e77cb64d9fa1f90ed2be6d9ff7b94624b2a790ed8109bfe61e66ebd825f
- SHA512
  
  9a5579cd5c437158d8277b64e583d18cd0113c186d1013e3c57c92d39a16b412ce9f95aef09dbbd05a36cab62e5193532c41eea6850b0a77d8502e7d1fa23468
- SSDEEP
  
  1536:2ublP85a1u5pJfGdw13FpZxRCH4zwpmW7RZO7VccUCdPJL8QaECL:2mU81UGd8RCYemWDSKCJZAD
Score

1^/10
behavioral15 behavioral16
- Target
  
  $COMMONFILES/PPLiveNetwork/kernel/live/Live.dll
- Size
  
  205KB
- MD5
  
  ec03fa69a025dc807314b9dcb5498986
- SHA1
  
  a0f5abfa07ce548f10b806922eff748d2652f0e9
- SHA256
  
  c3c5091dad0c0be701f6da2ae41a07f3614d6f567031dda823e5a320483c2243
- SHA512
  
  78c30b0616686454be4c2eff375c91445270effb8d7bcbca372692ed86ce9dc383f91512fc65a937cd7c478c0c5cbd840e301aceabbf7d3c58cb92a80671cabb
- SSDEEP
  
  6144:juVS50/4IMjqndIM7NpiLgqe4tQ+PAHWgaWSJKR82+gS45y69z6gm61xdO:jg82+gS4J9+gO
Score

1^/10
behavioral17 behavioral18
- Target
  
  $COMMONFILES/PPLiveNetwork/kernel/live/mir.dll
- Size
  
  1.1MB
- MD5
  
  a4354640020d7940bf14afad4e9aec84
- SHA1
  
  238db777283f149f687147bbb61a9d94197b5036
- SHA256
  
  5969d022510794f883ef269d1a1dc9a1ca430d77a89087561db384f427f4fa4d
- SHA512
  
  1b2a396289a81488e0f13fd20f0a5ff6e3e6d16eb5897c79453b38de55f57adab9992ad73b55354208e2cf4f998afd82d9644951f46979bf5a07e2a64b1b9f55
- SSDEEP
  
  24576:pmEFGhfGKMBL0I6NnVlCu6npqC+CucaTP0TznZcFLAtqtUrwDq28PpDvr1D:9FKWUnVr6n9+CK0jZcpAtqUMDrqlvJD
Score

1^/10
behavioral19 behavioral20
- Target
  
  $COMMONFILES/PPLiveNetwork/kernel/peer.dll
- Size
  
  2.2MB
- MD5
  
  eb8b0953d563634496700341032d7f3b
- SHA1
  
  b52ea7341f1ba416e7dae189fd000e7b7d312218
- SHA256
  
  0565b6a796813f6cece47df5c146c63729df1acc3dd47afb520192cb2b05362e
- SHA512
  
  7a9f0cbddedc8019574bdec0196c019adda90a655d396ff48fdac95fade21dde44436cc9392e8f6b79dac4d0b27ece4f3cfcfe383921e34b2dec7101600005dc
- SSDEEP
  
  49152:zvL/TTwoj2Rq4m/6qGrikXPFPUWrU29zeSgUHxCRrXr5PTbY26TJmekaxtY0Q:X/T1j2Rqol24iv
Score

3^/10
behavioral21 behavioral22
- Target
  
  $COMMONFILES/PPLiveNetwork/kernel/sop.dll
- Size
  
  441KB
- MD5
  
  f7a46d933e8065ad872339aa4b69c968
- SHA1
  
  b64d12f885131ce4e0ceb3b5cdd6f6b56eeab855
- SHA256
  
  e27553f463256aa08ed026a221874a604c40ae3d8f19c37bcff7c6f1228fa153
- SHA512
  
  24ca6e9d0d8ed196f8b5f30cc2af2b14bfaa7910386a48903fc92413e2e23249f21becc00751f2057698b97ebb62576efd8ca6e4c9e5f003173b33cdcc04516e
- SSDEEP
  
  12288:v6DCYXjWaSMWCX4906BJZVY+dO9bZBdb0p:v6GOs3906BJZVY+dAZBdb0p
Score

3^/10
behavioral23 behavioral24
- Target
  
  $COMMONFILES/PPLiveNetwork/player/CoreAAC.ax
- Size
  
  312KB
- MD5
  
  b0ffac757be8d6cc41e1131eb2b0d959
- SHA1
  
  0e41733a050bc2ed53fda6337d6501b9942317c2
- SHA256
  
  04bf38bbd9cb8287582f9a2fb8b06e0ab30f06f676a93f4a56656b576f10e597
- SHA512
  
  356ecf4902f767f74670e5fcd57f26fb8a43710d0a2b3a995877e6f265119b2f091c6e5e3457dfa1767c6e4043afc470cc7090f43dd997b27c0e94c7e102bee3
- SSDEEP
  
  6144:+yTbEUUmDAh189YEqbBpkJzJTba96sZTiaJfOMBfcESToVk:bxUmDAn4C9GBJba96sZTf9Oy+Wk
Score

1^/10
behavioral25 behavioral26
- Target
  
  $COMMONFILES/PPLiveNetwork/player/CoreAVC.2.0.0.0.ax
- Size
  
  265KB
- MD5
  
  a45cfb1f058297ae981f8afeef056b8d
- SHA1
  
  e454ed585a0f19d3119cef725958ea19c93cd7cf
- SHA256
  
  779768aa0bf2270422e1686547ae622238e7b7cf37ce212a1d75caf8628c1508
- SHA512
  
  efa87c97e4f76d5fbd73d2e0c5c580c719518d4e3e7e16efdb1355b659c9584956bc7df944f0d637f069f359a046fe65bfd178e4cbaf97fbb5921ebd29e09aa0
- SSDEEP
  
  6144:/+x+B++xX1f3uZINBKD5wlA9amB38sDFe9E23XbFDZ:Wi+A1fJ2wlhmKsg22nbNZ
Score

1^/10
behavioral27 behavioral28
- Target
  
  $COMMONFILES/PPLiveNetwork/player/CoreAVC.ax
- Size
  
  181KB
- MD5
  
  c264fed121afd44bda8bf0ff8f4e4269
- SHA1
  
  7480a3b26b81045a1504e68e15225682bcc6f440
- SHA256
  
  cb8d9d80dcd48d9a9e3d87c847c47125f7201a98fb5abb4bd6c443322071b951
- SHA512
  
  99ed4b723b2b7a90fce8e9bf9ee8d5a1440c4d569638ff6a1aa59354c8bca91618a13c440f754fad3ae22c306709da35b4c53b8a00a09753027eaed0d238052b
- SSDEEP
  
  3072:eFX0fCcmjZvyTdndzMryzKdvYQ/5c0q3ARsK/l74obxK7Dtp0XRHSOg9lX9cWR82:GEKpZY2r3VYQ/c0d7Hbw7pp0X8hlX6WB
Score

1^/10
behavioral29 behavioral30
- Target
  
  $COMMONFILES/PPLiveNetwork/player/HTTP_ASF_SOURCE.ax
- Size
  
  511KB
- MD5
  
  2ca0666cb7eebc4f31d1b1cd5567defa
- SHA1
  
  57937bc69d62e8405742137b94172b129274c77d
- SHA256
  
  5ccfce12fdeb592955cd14154446374a547864a6b5ef1a5a5d9cd801121a0128
- SHA512
  
  bac83324d390f961aec228ddee702a0709e9e59501500592e8fc5f30e0236719836b86c880e9cc90af3747c2b23dcce7ce1b7b29121740c82a0b9fb8fc086e41
- SSDEEP
  
  6144:xEBjCmsazwA6exhQWHb7Do9b2GRPKT1E9o5H4G/VmKEYTzKKAmKCetU0ub7lqE:w+m3P6exhQW77TiSECrYKfTmSrVqE
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32